LibC: Don't delete null check in gettimeofday

The `nonnull` attribute may delete null checks in the generated code, as
per the [GCC documentation]:

> The compiler may also perform optimizations based on the knowledge
> that nonnul parameters cannot be null. This can currently not be
> disabled other than by removing the nonnull attribute.

Disassembling the function as compiled by GCC, we can see that there is
no branch based on if `tv` is null.  This means that `gettimeofday`
would produce UB if passed a null parameter, even if we wanted to
predictably return an error.  Clang refuses to compile this due to a
`pointer-bool-conversion` warning.

In this commit, `settimeofday` is changed as well to match
`gettimeofday`'s null argument handling.

[GCC documentation]:
https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-nonnull-function-attribute

Userland/Libraries/LibC/sys/time.h

@@ -23,8 +23,8 @@ struct timezone {
 };
 
 int adjtime(const struct timeval* delta, struct timeval* old_delta);
-int gettimeofday(struct timeval* __restrict__, void* __restrict__) __attribute__((nonnull(1)));
-int settimeofday(struct timeval* __restrict__, void* __restrict__) __attribute__((nonnull(1)));
+int gettimeofday(struct timeval* __restrict__, void* __restrict__);
+int settimeofday(struct timeval* __restrict__, void* __restrict__);
 int utimes(const char* pathname, const struct timeval[2]);
 
 static inline void timeradd(const struct timeval* a, const struct timeval* b, struct timeval* out)

Userland/Libraries/LibC/time.cpp

@@ -54,6 +54,11 @@ int gettimeofday(struct timeval* __restrict__ tv, void* __restrict__)
 
 int settimeofday(struct timeval* __restrict__ tv, void* __restrict__)
 {
+    if (!tv) {
+        errno = EFAULT;
+        return -1;
+    }
+
     timespec ts;
     TIMEVAL_TO_TIMESPEC(tv, &ts);
     return clock_settime(CLOCK_REALTIME, &ts);